Return to BSD News archive
Newsgroups: comp.unix.bsd Path: sserve!manuel!munnari.oz.au!uunet!puc.cl!lascar.puc.cl!mstehr From: mstehr@lascar.puc.cl (Martin Stehr) Subject: Monitoring ethernet segment using PROMISC mode Message-ID: <1992Aug25.213440.9671@tolten.puc.cl> Sender: news@tolten.puc.cl (News Manager) Organization: Pontificia Universidad Catolica de Chile Date: Tue, 25 Aug 1992 21:34:40 GMT Lines: 39 Hi, I' am currently working on my thesis constructing some kind of active network monitoring system. Actually the system is collecting information from multiple hosts, obtaining about each host kernel info like job queues, disk I/O, context switches, device interrupts, page faults, swapping, etc. Also it can get info about for exampe TCP bytes and packets I/O on that host. The active part of the system is going to be used experimentally in order to create some loads on some hosts or between two of them, laying on the same or different ethernet segments. The whole is going to be used remotely by other people for tuning or testing different configurations for hosts and connections. Now I'm searching for some method to obtain general info about some ethernet segment, so as the *total* number of packets and bytes sent on the segment (not only to the specific host where the monitor daemon is installed), considering all packets at the IP layer. I wonder if this could be possible opening a raw socket, setting the corresponding ethernet device on *promisc* mode and using recvfrom() to get all the incoming packets. I'll appreciate any info about: 1) if that's really possible 2) how does it affect system performance (more device interrupts ?) 3) some simple (?) method of doing the task by some kind of daemon installed on the system (I don't want to rebuild part of the kernel !) Our system runs a 4.3BSD Unix. Any help would be appreciated ! Greetings from Chile - Southamerica :) mstehr@lascar.puc.cl